False
All industries and organisations can and are targeted.
Answers to our Fact or Fiction section in the newsletter
Cyber Security doesn’t apply to me because I’m not in the Government or Healthcare industry.
False
All industries and organisations can and are targeted.
Enabling two factor authentication and using a strong, unique password helps to keep your social media accounts secure
True
Multi-Factor Authentication is a commonly used and valuable security tool. You are given access to an account after providing two or more pieces of information; something you are, something you have or something you know. For example, a username, password and code sent to your device. Passwords should be complex and unique.
It is perfectly safe to install a USB stick I found on the bus
False
Cyber criminals can plant USB sticks with the intention of spreading malware. When plugged in they can compromise devices and potentially wider network systems. You are advised to never use a USB stick you find or is second hand, and has not been fully wiped by a University team.
Mobile phones do not need to run anti-virus software
False
Viruses exist for mobile phones and can infect and compromise. You should install an anti-virus app and keep it updated.
I don't handle personal data so I am of no interest to cyber criminals
False
We all have personal data about ourselves and most likely family and friends which is of interest to criminals. Our laptop, phone or other device if compromised can be used as a route into the University network. Anyone can be a target
Social engineering is one of the biggest threats we face
True
Social engineering is the manipulation of the natural human tendency to trust. Social engineers use deception to encourage individuals into divulging personal information and data which can then be used for fradulent purposes. An attack can start with a phishing email, a text, a phone call, even an arranged meeting in the street. Cyber criminals know about social engineering and are expert in its use.
Mobile phone apps can share data with other apps.
True
It's important to be aware of what you install and give permission to when accepting the terms and conditions for mobile apps.
Wi-Fi enabled slow cookers are now available to purchase.
True
Today it's difficult to name a household object that isn't available with a wi-fi option and app. As with your laptop and phone the security of these should be kept under regular review.
It's perfectly okay to plug in a USB stick found in a carpark.
False
The USB stick could easily be setup to infect your computer, setting up a backdoor connection for further compromise. It's an attack vector that is used by cyber criminals when attempting to infiltrate an organisation.
All phishing emails contain a link or an attachment to click on.
False
Phishing attempts can range in format: initial contact can be a plain text email with no attachments or links, to lure the victim into a dialogue.
Cyber security at the University is the responsibility of everyone.
True
Our information security is dependent on the safety and good practice of all of our members.
Password Managers are only useful to people with sensitive data.
False
Password managers benefit every internet or account user, as we all tend to have a great number of complex passwords to remember, which should not be written down. We all hold personal info about ourselves and family that can be of great value to criminals. Your data is important and should be kept secure. Our University uses a password manager called LastPass
The first incidence of Ransomware dates from 1989
True
The AIDS Trojan mailed out on a five and a quarter inch floppy disk is the first recorded case of Ransomware
According to Microsoft 50% of compromises against organisations start with an email
False
The latest from Microsoft is a staggering 90% of compromises start with an email
Hackers compromised a Las Vegas Casino by breaking in via an Internet connected fish tank
True
The company Darktrace worked on an incident in 2018 where a casino was hacked via a thermometer in a lobby aquarium
Word documents can contain computer viruses
Ransomware is the most common form of malware in the world today
True
We deliver an awareness session that explains what ransomware is, and how to protect against it. Find out when the next session will be and how to book, at MyEd.
More compromises against organisations begin with a phishing email than from any other threat